Mark, Tom, and anyone else who can shed a little light on the subject;
Mark, Thanks for your response. And your support. I was about to "Light one
Up" when I received your email. I owe you one. And now for a question that's
probably going to open a "Can Of Worms". I will start by apologising up
front for any offense loyal/fanatical Linux users may infer from this. I
apologise. There, that's done! Now, for the question.
Why are many Linux-based programs so complicated to set up?? Here we are,
getting involved in a conversation about a type of program which should be
relatively simple to install/setup/configure, and I'm sure that this won't
be the last time someone has a problem with IPchains/PMfirewall, or some
other package. I'm just curious though, why is it a real pain? You gents are
talking about using 2 or more techniques to accomplish something that should
be relatively easy. What's the big point that I'm not seeing? What I mean is
that although Linux is in a constant state of development, some of the
technologies are relatively constant. TCP/IP has been around for quite some
time, and is probably considered a "Standard" protocol these days, and I
would think that the rules governing it and ways to block/close ports would
also be pretty consistent. So why then does it take so much to tackle a
setup that should be a piece of cake? I realise that I may be understating
the issue, but what ever happened to a nice simple procedure? What ports do
you want to leave open? What ports do you want to close? Enable masquerading
? Yes/No? etc,etc. Run these rules each time you start this PC? Okey Dokey,
We're done! Have a nice day!! You know, Simple.
Personally, I'm glad I've broken away from most M$ products, and all the
various apps that used to cost Way Too Much. But many of them did perform
background tasks without having to be "Tweaked" ( assuming you're not
including all the various updates/patches/bug fixes/service packs! ). But as
an comparison, I used to use firewall/proxy apps that did exactly what they
said. Install and configure them and your done. In a GUI no less. Mark, why
should you have to read the ipchains HOW-TO 6 times??!!
Tom, why should you have to use PMfirewall AND PortSentry? Why does
PMfirewall ask the setup questions that it asks, and then leaves ports open
or just filtered, instead of totally closed? See what I mean? I'm a firm
beleiver in Linux and all it has to offer, but I'm wondering why it has to
be so darn tricky? I've tried using some of the frontends for ipchains, and
same thing. Not clear about what they're doing or confusing to use. One of
the things that I am very happy with is the System Administration Wizard in
LM 7.2 Corp Server, and don't get me started on the merits of Webmin! That's
a marvelous example of how to make a setup easy! There's quite a few others
out there, I'm sure. Since Linux is arguably much better than other O/Ses
out there and the Linux community does a fabulous job of bringing us great
packages, office suites, etc.,why do some of these things have to be enough
to warrant a trip to the shrink?? ( Insert deepest apology to psychiatrists
reading this! ). I'm under the impression that there's a conspiracy going
on! Someone is deliberately trying to make us think! I hate it when that
happens! I have a tough enough time paying my bills on time, so why make
these things harder to install and setup than they need to be?
OK, I'm done. Just wanted to vent, and maybe to get the creative juices
flowing! I don't know about you guys, but I'd pay good money for someone to
write up a quick and nasty Wizard/GUI for ipchains that would walk you
through the setup, step-by-step, and write the results to the ipchains
configuration file. Mom wanted me to be a "Rocket Scientist", but no, no,
no! I had to become a brain surgeon! Serves me right!
Dan LaBine
Registered Linux User #190712
